Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0664


Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0664
Last Modified 10 Sep 2008 03:12:40
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts.

Vulnerable Systems


  • Granite Software Zmerge 4.0

  • Granite Software Zmerge 5.0


BID - 5101

XF - zmerge-admindb-script-access(10057)

BUGTRAQ - 20020906 Rapid 7 Advisory R7-0005: ZMerge Insecure Default ACLs

Last Updated: 27 May 2016 10:37:01